The Cato Institute is seeking a “researcher to support a campaign to educate the public and policymakers on the implications of biometric identification systems related to immigration policy reforms.
The better applicants will know how many different governmental systems work—legislation, appropriation, regulation, procurement, grant-making, and so on—and have zeal to chase down all the ways the national ID builders are using them to advance their cause.
Immigration reform legislation in the Senate that features a vast expansion of E-Verify is yet another reason to join the fight against having a national ID in the United States.
I have a blog post up at Cato@Liberty today about Senate Democrats’ national ID plans. The thing is nine printed pages long. It doesn’t get my recommendation that you read the whole thing—unless you really jones for identity-systems talk. Here’s a summary:
The plan is confusing, disorganized, repetitive, and sometimes contradictory. Summarizing it is a little like trying to piece together the egg when all you have is the omelet, but three themes emerge: First, this summary backs away from an earlier claim that there would not be a biometric national identity database. There will be a national biometric database. Second, repeating the word “fraud-proof” does not make this national ID system fraud proof. Third, this national ID system definitely paves the way for uses beyond work authorization. This is the comprehensive national identity system that people across the ideological and political spectrum oppose.
I pity the Hill staffer who had to write the national ID parts of the plan. He or she almost certainly doesn’t know enough to write sensibly about the design of identity systems, and the demands of politics require the plan to talk about impossible things as if they’re possible, and even easy.
REAL ID continues its long, slow failure. The federal government’s national ID plans continue to bash against the shoals of state and popular opposition.
Late last month, the governor of Utah signed H.B. 234 into law. The bill prohibits the Utah driver license division from implementing REAL ID. That brings to 25 the number of states rejecting the national ID law, according to the Tenth Amendment Center.
And the state of Nevada, one of few states that had been working to get in front of REAL ID, is reconsidering. With wait times at Las Vegas DMVs reaching two to four hours, the legislature may soon allow a temporary REAL ID implementation measure signed last year to lapse—this according to the Ely (NV) News.
Congress has attempted to circumvent the growing state opposition to REAL ID with the now-stalled PASS ID legislation. It basically would rename REAL ID so as to nullify the many state resolutions and laws barring implementation of the national ID law because they refer to the May 2005 “REAL ID” law specifically.
But PASS ID is the same national ID, it has all the privacy issues of REAL ID, and its costs would be as great or greater than REAL ID.
That doesn’t mean national ID supporters in Congress won’t try to sneak the REAL ID revival bill into law sometime later this year, of course . . .
—all one paragraph of it—on the Cato@Liberty blog.
The upshot: Their promise not to have a national ID database is almost certainly wrong. Sold as a simple quick-fix, it would take decades and hundreds of billions of dollars to build, encountering untold complexities beyond what we already know.
So reports the Wall Street Journal:
Lawmakers working to craft a new comprehensive immigration bill have settled on a way to prevent employers from hiring illegal immigrants: a national biometric identification card all American workers would eventually be required to obtain.
It’s the natural evolution of the policy called “internal enforcement” of immigration law, as I wrote in my Cato Institute paper, “Franz Kafka’s Solution to Illegal Immigration.”
Once in place, watch for this national ID to regulate access to financial services, housing, medical care and prescriptions—and, of course, serve as an internal passport.
This week, I have been up at Harvard University participating in another meeting of the Internet Safety Technical Task Force (ISTTF), of which I am a member. The ISTTF was organized earlier this year pursuant to an agreement between 49 state attorneys general (AGs) and social networking giant MySpace.com. A group of experts from academia, non-profit organizations, and industry were appointed to the Task Force, which is charged with evaluating the market for online child safety tools and methods and issuing a report on the matter to the AGs at the end of this year. ISTTF members have been meeting privately and publicly in both Cambridge, MA and Washington, D.C. The Task Force has been very ably chaired by John Palfrey, co-director of Harvard’s Berkman Center for Internet & Society.
Although the ISTTF is looking at a wide variety of tools and methods associated with online child protection (ex: filters, monitoring tools, educational campaigns, etc.), many of the AGs who crafted the agreement with MySpace that led to the Task Force’s formation have made it clear that they are
most interested in having the ISTTF evaluate age verification / online verification technologies. In fact, at the start of this week’s session at Harvard Law School, AGs Martha Coakely of Massachusetts and Richard Blumenthal of Connecticut both spoke and made it abundantly clear they expect the Task Force to develop age and identify-verification tools for social networking sites (SNS). AG Blumenthal said we need to deal with “the dangers of anonymity” and repeated his standard line about online age verification: “If we can put a man on the moon, we can make the Internet safe.” [Of course, putting a man on the moon took hundreds of billions of dollars and a decade to accomplish, but never mind that fact! Moreover, one could also argue that if we can put a man on the moon we can cure hunger, AIDS, and the common cold, but some things are obviously easier said than done. Finally, putting a man on the moon didn’t require all Americans or their kids to give up their anonymity or privacy rights in order to accomplish the feat!]
On many occasions here before, I have outlined various questions and reservations about proposals to mandate online age verification. Last year, I also published a lengthy white paper on the issue and hosted a lively debate on Capitol Hill [transcript here] about this. I also have discussed age verification in my book on parental controls and online child safety. [Braden Cox also talked about his experiences up at Harvard this week here, and CNet’s Chris Soghoian had a brutal assessment of this week’s proposals on his “Surveillance State” blog.]
In this essay, I will discuss the new fault lines in the debate over online age verification and outline where I think we are heading next on this front. I will argue:
- There is now widespread understanding that it is extraordinarily difficult to verify the ages and identities of minors online using the methods we typically use to verify adults. Because of this, age verification proponents are increasingly proposing two alternative models of verifying kids before they go online or visit SNS…
- First, for those who continue to believe that we must do whatever we can to verify kids themselves, schools and school records are increasingly being viewed as the primary mechanism to facilitate that. This raises two serious questions: Do we want schools to serve as DMVs for our children? And, do we want more school records or information about our kids being accessed or put online?
- Second, for those who are uncomfortable with the idea of verifying kids or using schools, or school records, to accomplish that task, parental permission-based forms of authentication are becoming the preferred regulatory approach. Under this scheme, which might build upon the regulatory model found in the Children’s Online Privacy Protection Act of 1998 (COPPA), parents or guardians would be verified somehow and then would vouch for their children before they were allowed on a SNS, however defined. But how do we establish a clear link between parents and kids? And will parents be willing to surrender a great deal more information (about themselves and their kids) before their kids can go online? And, is it sensible to use a law that was meant to protect the privacy and personal information of children to potentially gather a great deal more information about them, and their parents?
- It remains very unclear how either of those two verification methods would make children safer online. Indeed, that could actually make kids less safe by compromising their personal information and creating a false sense of security online for them and their parents.
- It is highly unlikely the Internet Safety Technical Task Force will be able to reach consensus on this complicated, controversial issue. A small camp will likely flock to the sort of proposals mentioned above. Another, larger camp (including me) will flock to education-based approaches to child safety as well increased reliance on other parental empowerment tools and strategies, industry self-regulatory efforts, social norms, and better intervention strategies for troubled youth. But the age verification debate will go on and, as was the case over the past two years, the legal battleground will be state capitals across America, with AGs likely pushing for age verification mandates regardless of what the Task Force concludes.
Continue reading if you are interested in the details.
Continue reading →
The USA Today editorial board published a nasty piece today belittling MySpace.com’s recent efforts to implement more safeguards for its users. Despite the fact that MySpace made over 70 promises to the Attorneys General as part of the agreement–the entire agreement is summarized here–that’s still not good enough for the USA Today’s editorial board, which wants full-blown identity verification before anyone is allowed on a social networking site:
“Even in the absence of a perfect software solution, interim steps are possible. How about using databases of drivers’ licenses to cross-check ages? In more than 20 states, they are public records. The point is, more effective safeguards are needed now, …. MySpace [should be] moving faster to set up age and ID verifications, not just study them.”
Well, where do I begin? I get so frustrated when I see comments like this because it is abundantly clear to me that people don’t think things through when it comes to age verification. As I pointed out in my lengthy PFF report, “Social Networking and Age Verification: Many Hard Questions; No Easy Solutions,” age verification is extremely complicated, and it would be even more complicated in this case because public officials are demanding the age verification of minors as well as adults, which presents a wide array of special challenges and concerns.
What Age Verification Really Is: The Death of Online Anonymity
We need to begin by understanding what age verification really is. By definition, mandatory age verification represents an effort to make online anonymity a crime. In simple terms, citizens would be forced to “show their papers” at the door of every website or else run the risk of being denied access–simply because they do not want to surrender their name or age.
Think about what that means. It’s easy to take the benefits of online anonymity for granted. There are millions of people who comment anonymously on blogs like this one every day, or write anonymous book or product reviews on Amazon.com or eBay, or who just chat with others about various topics under the cloak of anonymity. It is a wonderful thing.
Continue reading →
This morning in New York City, social networking website operator MySpace.com announced a major joint effort with 49 state Attorneys General aimed at better protecting children online. (Coverage at CNet, NYT and Forbes). At a joint press conference, MySpace and the AGs unveiled a “Joint Statement on Key Principles of Social Networking Safety” involving expanded online safety tools, improved education efforts, and law enforcement cooperation. They also agreed to create an industry-wide Internet Safety Technical Task Force to study online safety tools, including a review of online identity authentication technology.
Generally speaking, the agreement is step forward for online safety. Indeed, many of the principles in the agreement could form a potential model “code of conduct” that other social networking sites could adopt. In a report I authored for the Progress & Freedom Foundation in August 2006, I argued that it was vital for companies and trade associations to take steps such as this to avoid the specter of government regulation or censorship:
All companies doing business online… must show policymakers and the general public that they are serious about addressing [online safety] concerns. If companies and trade associations do not step up to the plate and meet this challenge soon—and in a collective fashion—calls will only grow louder for increased government regulation of online speech and activities. What is needed is a voluntary code of conduct for companies doing business online. This code of conduct, or set of industry “best practices,” would be based on a straight-forward set of principles and policies that could be universally adopted by [a] wide variety of operators…
In particular, this code of conduct proposal called for companies to make specific pledges regarding improved online safety tools, expanded education / media literacy efforts, and ongoing assistance to law enforcement regarding investigations of online crimes.
Continue reading →
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.